Virtualization

The open source standard for hardware virtualization

The hypervisor was first described in a SOSP 2003 paper called "Xen and the Art of Virtualization". It was open sourced to allow a global community of developers to contribute and improve the hypervisor.

Xen 1.0 was officially released in 2004, followed shortly by Xen 2.0. At the same time, Ian Pratt and several other technology leaders became involved with the project team. They founded a company known as XenSource, which was later acquired by Citrix in order to convert the hypervisor from a research tool into a competitive product for enterprise computing. The hypervisor remained an open source solution and has since become the basis of many commercial products.

In 2013, the project went under the auspices of the Linux Foundation. Accompanying the move, a new trademark "Xen Project" was adopted to differentiate the open source project from the many commercial efforts which used the older "Xen" trademark.

Today, the hypervisor offers a powerful, efficient and secure feature set for virtualization of x86, x86_64, IA64, ARM and other CPU architectures, and has been used to virtualize a wide range of guest operating systems, including Windows®, Linux®, Solaris® and various versions of the BSD operating systems. It is widely regarded as a strategically compelling alternative to proprietary virtualization platforms and hypervisors for x86 and IA64 platforms.

Just What is the Xen Project Hypervisor?

The Xen Project community develops an open-source type-1 or baremetal hypervisor, which makes it possible to run many instances of an operating system or indeed different operating systems in parallel on a single machine (or host). The project develops the only type-1 hypervisor that is available as open source. The hypervisor is used as the basis for a number of different commercial and open source applications, such as: server virtualization, Infrastructure as a Service (IaaS), desktop virtualization, security applications, embedded and hardware appliances. It enables users to increase server utilization, consolidate server farms, reduce complexity, and decrease total cost of ownership.

Aren't Hypervisors Old Hat? Aren't Containers the Future?

Certainly, there has been much talk recently about the value of Container-based solutions. And there is reason for excitement: the packaging and deployment aspects, as well as the lightweight nature, of Containers are interesting and useful.

However, the convenience of Containers is not the entire story. Containers lack in two critical areas:

Flexibility

Security

Flexibility

Containers have to share a common kernel, which means that non-Linux operating systems like Windows, FreeBSD, NetBSD, etc. cannot be supported. If you don't have VMs which can run off the same version of Linux kernel, you will likely need a hypervisor like that in Xen Project.

Security

Perhaps the biggest issue with Containers is security. With a shared kernel architecture, if someone cracks one VM and violates the kernel, every single Container on that machine is at risk! It can be said that Containers are a jackpot for the malicious hacker: one successful exploit could yield dozens, hundreds, or even thousands of VMs to ravage.

This is absolutely not true with the Xen Project Hypervisor. Our Hypervisor is designed with multilevel defense protocols. Its architecture insulates VMs from one another. The compromise of a single VM does not violate other VMs on the same host. In fact, the Xen Project hypervisor is designed so a rogue VM will have a very difficult time violating other VMs on the hardware.

If security is a concern, you want the security design of the Xen Project Hypervisor, not a Container, to get the job done.

To learn more about the security issues of Containers, read this entry from the Xen Project blog.